Why would you leave PermitRootLogin to yes? Doesn’t really matter, if root ca nit login anyways?!
Just like you don’t really need UFW, not really harmful and for piece of mind :)
But to be honest, I am no expert either. I look at your config and think, just leave everything at default besides these twos:
PubkeyAuthentication yes PasswordAuthentication no
Things like
MaxAuthTries 3
don’t matter for public key auth.
Gosh, if the Reddit community would have the same outrage towards that, as to the base model being 8GB, we would be in a better world. The increasing demands in productivity apps and in games due to shitty code is just ridiculous.
And it really sucks for consumers, because if this negative trend won’t stop, your new 16GB RAM MacBook will be EoL in a few years. Unlike your old 2013 that you could use for almost a decade.